Homeland 
Security 

Daily Open Source Infrastructure Report 

1 0 December 2015 

Top Stories 

• Over 40 residents were temporarily displaced following a Tabula Rasa Energy-operated oil 
well blowout December 8 in Gaines County, Texas, that released clouds of toxic fumes 
containing hydrogen sulfide. - KWES 9 Midland/Odessa (See item 3 ) 

• Interstate 10 in Louisiana, was shut down for approximately 12 hours December 8 
following a multi- vehicle crash that left 2 drivers injured. - Baton Rouge Advocate (See 
item 12) 

• The FBI announced December 8 that its current tracking system which gathers information 
on violent police encounters in the U.S. will be replaced by 2017 and will include 
additional data and near real-time reporting. - Washington Post (See item 20 ) 

• The owner of J&W Aseda Plaza in Massachusetts was charged December 8 for allegedly 
conducting more than 22,500 fraudulent Supplemental Nutritional Assistance Program 
(SNAP) benefits transactions netting $3.6 mi llion. - MassLive.com (See item 33 ) 
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Energy Sector 



1. December 9, Portland Oregonian - (Oregon) Storm leaves 30,000 Portland General 
Electric customers without power. Portland General Electric crews worked 
December 9 to restore power to nearly 30,000 customers in the Portland area after 
heavy rain and winds knocked out electricity December 8. 

Source: 

http://www.oregonlive.com/portland/index.ssf/2015/12/storms leave 30000 portland 
ge.html 

2. December 8, Torrance Daily Breeze - (California) ExxonMobil’s Torrance refinery 
hit by another emergency hazardous materials leak. Authorities responded to 
ExxonMobil’s Torrance refinery December 4 following reports of fuel vapor and 
highly toxic hydrogen sulfide escaping from a dime-sized hole in a pressurized 8-inch 
pipe. Crews repaired water monitors, preventing offsite impacts and patched the pipe. 
Source: http://www.dailybreeze.com/general-news/20151208/exxonmobils-torrance- 
refinery-hit-by-another-emergency-hazardous-materials-leak 

3. December 8, KWES 9 Midland/Odessa - (Texas) Oil well blowout reported in Gaines 
County, evacuations in effect. Over 40 residents were evacuated and temporarily 
displaced following a Tabula Rasa Energy-operated oil well blowout December 8 in 
Gaines County that released clouds of toxic fumes containing hydrogen sulfide. 
Authorities are monitoring the air quality and are investigating the cause of the pressure 
control failure which led to the blowout. 

Source: http://www.newswest9.com/storv/30695088/oil-well-blowout-reported-in- 
gaines-county 

Chemical Industry Sector 

Nothing to report 

Nuclear Reactors, Materials, and Waste Sector 

4. December 9, Port Clinton News-Herald - (Ohio) Davis-Besse renewed with NRC for 
20 years. The U.S. Nuclear Regulatory Commission issued the FirstEnergy 
Corporation-operated Davis-Besse Nuclear Power Station in Oak Harbor a 20-year 
license extension after the plant’s license was set to expire April 2017. An extensive 
review revealed that the plant implemented correct safety and environmental practices 
which allowed for the continued operations of the plant. 

Source: http://www.portclintonnewsherald.com/story/news/local/2015/12/09/davis- 
besse-renewed-nrc-20-years/76987620/ 

Critical Manufacturing Sector 

5. December 8, U.S. Consumer Product Safety Commission - (National) Kubota recalls 
utility vehicle due to fire hazard. Kubota Tractor Corporation issued a nationwide 
recall December 8 for approximately 1 1,500 model year 2013-2015 Kubota RTV- 



XI 100C series diesel-powered utility vehicles after receiving 7 reports of fires caused 
by combustible debris that can make contact with the exhaust manifold and ignite. 
Products were sold at authorized Kubota dealers nationwide between October 2013 and 
October 2015. 

Source: http://www.cpsc.gov/en/Recalls/Recall-Alerts/2016/Kubota-Recalls-Utility- 
Vehicle/ 



6. December 8, U.S. Department of Labor - (Massachusetts) Wyman Gordon employees 
exposed to mechanical and electrical hazards. The Occupational Safety and Health 
Administration issued 3 repeat and 10 serious violations to Wyman Gordon Co., 
December 8 following a December 4 investigation of the company’s aerospace parts 
manufacturing plant in North Grafton in response to a complaint regarding the presence 
of electrical, fall, and machinery hazards. Proposed fines total $145,600. 

Source: 

https://www.osha.gov/pls/oshaweb/owadisp.show document?p table=NEWS RELEA 
SES&p id=29199 

Defense Industrial Base Sector 

Nothing to report 

Financial Services Sector 

7. December 8, U.S. Attorney ’s Office, Eastern District of Pennsylvania - (New York) 

New York man charged with bank fraud. A Brooklyn man was charged in 
Pennsylvania December 8 on 3 counts of bank fraud for receiving $9.3 million worth of 
loans, loan modifications, and loan extensions from Republic First Bank by submitting 
fraudulent documents that claimed his $2 million investment portfolio was worth $26 
million to $60 million at different times. 

Source: https://www.fbi.gov/philadelphia/press-releases/2015/new-york-man-charged- 
with-bank-fraud 

8. December 8, U.S. Attorney ’s Office, District of New Mexico - (New Mexico; Colorado) 

Colorado man pleads guilty to robbing banks in Colorado and New Mexico in 
2014 and 2015. Officials from the U.S. Attorney’s Office announced December 8 that 
a Denver man pleaded guilty to committing one bank robbery in New Mexico and two 
in Colorado between August 2014 and August 2015. 

Source: https://www.fbi.gov/albuquerque/press-releases/2015/colorado-man-pleads- 
guiltv-to-robbing-banks-in-colorado-and-ne w-mexico-in-20 1 4-and-20 1 5 

9. December 8, U.S. Securities and Exchange Commission - (North Carolina) SEC 
charges ZeekRewards pyramid-Ponzi scheme promoter. The U.S. Securities and 
Exchange Commission (SEC) reported December 8 that an individual was charged 
December 4 in North Carolina for her role in an $850 million Internet-based Ponzi and 
pyramid scheme operated by Rex Venture Group LLC d/b/a ZeekRewards.com where 
she solicited investors to participate in the Web site’s program which offered investors 
several ways to earn money involving the purchase of securities that were not 



registered with the SEC from January 201 1 to August 2012. Authorities allege that the 
woman and other co-conspirators lured and falsely promised investors a share of the 
company’s purported profits. 

Source: http://www.sec.gov/litigation/litreleases/2015/lr23421.htm 

Transportation Systems Sector 

10. December 9, Associated Press - (Oregon; Washington) Landslide halts Amtrak 
service near Seattle. Amtrak passenger rail service between Portland, Oregon, and 
Vancouver, Washington, was halted December 8 through at least December 10 due to 
high waters north of Portland Union Station. Additional commuter train services were 
also cancelled due to a landslide on the tracks. 

Source: http://www.msn.com/en-us/news/us/the-latest-landslide-halts-amtrak-service- 
near-seattle/ar-AAgaKaE 

1 1 . December 8, WSB 2 Atlanta - (Georgia) Emory bus slams into building in DeKalb 
County. A DeKalb County bus crashed into the side of a building December 8 sending 
12 people to the hospital with minor injuries. 

Source: http://www.wsbtv.com/news/news/local/emory-bus-slams-building-dekalb- 
county/npfDG/ 

12. December 8, Baton Rouge Advocate - (Louisiana) For school, industry leaders, I- 10 
crash illustrates how easily region can be paralyzed by traffic problem. Interstate 
10 near Baton Rouge was shut down for approximately 12 hours December 8 while 
crews worked to clean up the wreckage from a multi-vehicle crash involving 1 car and 
6 semi-trucks that left 2 drivers injured. 

Source: http://theadvocate.com/news/14224660-126/multiple-18-wheeler-crash-closes- 
i-10-in-both-directions-closure-expected-to-continue-through-mornin 

13. December 8, Lincoln City News Guard - (Oregon) Semi truck crashes into Yamhill 
sinkhole. Oregon Highway 22 in Yamhill County was closed December 8 until further 
notice while crews worked to repair a sinkhole that stretched across the highway. 
Source: http://www.thenewsguard.com/news/update-semi-truck-crashes-into-yamhill- 
smkhole/article el 327832 -9dcb-l Ie5-ab4a-2f09f2f34a23.html 

14. December 8, Associated Press - (Indiana) Fiery semi crash closes northern Indiana 
highway for hours. All westbound lanes of Interstate 80/94 in northwestern Indiana 
were shut down for approximately 7 hours December 8 whiles crews cleared the scene 
of an accident involving a semi-truck that went off the roadway and hit a guardrail and 
concrete pillar before catching fire. 

Source: http://www.whio.com/ap/ap/indiana/fierv-serni-crash-closes-northern-indiana- 
highway-f/npfHS/ 

Food and Agriculture Sector 

15. December 8, U.S. Food and Drug Administration - (National) Kroger recalls Bakery 
Fresh Goodness chocolate brownies due to undeclared allergens. The Kroger 
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Company issued a recall December 7 for 16-ounce tubs of its Bakery Fresh Goodness 
chocolate brownies products due to misbranding and undeclared walnuts following a 
consumer report of a possible allergic reaction that may be tied to the product. The 
products were distributed to Kroger, JayC, and Smith’s retail stores across several 
States. 

Source: http://www.fda.gov/Safety/Recalls/ucm476017.htm 

16. December 8, U.S. Department of Labor - (Ohio) OSHA finds safety issues with 
ammonia refrigeration systems at Case Farms’ Ohio plants, proposes additional 
$462K in penalties. The Occupational Safety and Health Administration cited Case 
Farms with 16 repeated, 7 serious, and 2 other-than-serious violations December 1 
following an investigation of ammonia refrigeration systems at the company’s 
Winesburg and Canton facilities which found several safety and health violations. 
Proposed fines total $462,000. 

Source: 

https://www.osha.gov/pls/oshaweb/owadisp.show document?p table=NEWS RELEA 
SES&p id=29202 

Water and Wastewater Systems Sector 

Nothing to report 

Healthcare and Public Health Sector 

17. December 8, WTIC 61 Hartford - (Connecticut) Middlesex Hospital suffers patient 
data security breach. Middlesex Hospital in Middletown announced December 8 that 
it will notify 946 patients of an October phishing scam and data breach that may have 
compromised patients’ personal and medical information. 

Source: http://fox61.com/2015/12/08/middlesex-hospital-suffers-patient-data-security- 
breach/ 



Government Facilities Sector 

18. December 8, Associated Press - (Ohio) Ohio man accused of making threats against 
military members. An Ohio man was charged December 8 for allegedly posting the 
names and addresses of 100 members of the military on social media and calling for 
them to be killed. A spokesman from the Cleveland U.S. attorney’s office stated that 
the information was reposted and did not originate from the man. 

Source: http://abcnews.go.com/US/wireStorv/ohio-man-accused-making-threats- 
military-members-35658937 

19. December 8, ArmyTirnes.com - (National) Army to stop putting Social Security 
numbers on dog tags. The U.S. Army announced December 8 that soldiers’ Social 
Security numbers will no longer be imprinted on dog tags and will instead be replaced 
with a 10-digit, randomly-generated number. The change will be implemented on an 
as-needed basis. 

Source: http://www.armvtimes.com/storv/militarv/careers/armv/2015/12/08/army-stop- 
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putting-social-security-numbers-dog-tags/76984792/ 



For another story, see item 33 

Emergency Services Sector 

20. December 8, Washington Post - (National) FBI to sharply expand system for 
tracking fatal police shootings. The FBI announced December 8 its current tracking 
system that gathers information on violent police encounters in the U.S. will be 
replaced by 2017 and will include the tracking of incidents in which an officer causes 
serious injury or death to civilians, and data collection that is share with the public in 
near real-time. 

Source: https://www.washingtonpost.com/national/fbi-to-sharplv-expand-svstem-for- 
tracking-fatal-police- shootings/20 15/1 2/08/a60fbc 1 6-9dd4- 1 1 e5 -bce4- 
708fe33e3288 story.html 

21. December 8, Columbia The State; Associated Press - (South Carolina) 11 detainees 
charged after October riot at jail. Eleven detainees at the Richland County detention 
center were charged December 8 with gang-related rioting following an October 24 
incident where detainees began throwing chairs and dinner trays and refusing 
commands from staff members. 

Source: http://www.thestate.com/news/local/crime/article48666425.html 

Information Technology Sector 

22. December 9, SecurityWeek - (International) Apple issues security updates for OS X, 
iOS, Safari. Apple released security updates patching multiple vulnerabilities within its 
OS X, iOS, Safari, Xcode, watchOS, and tvOS systems including flaws affecting 
Apple’s mobile operating system, Siri, Webkit, and components such as the App 
Sandbox, Compression, Core Media Playback, EFI, and File Bookmark, among others. 
Source: http://www.securitvweek.com/apple-issues-securitv-updates-os-x-ios-safari 

23. December 9, Softpedia - (International) DNS Root servers hit by DDoS attack. 
Researchers from RootOps reported that a large-scale denial- of- service (DDoS) attack 
on the Internet’s Domain Name System (DNS) root servers caused timeouts for the B, 
C, G, and H node servers after 2 attacks blasted up to 5 million queries per second per 
DNS root name server. The DDoS attacks did not cause serious damage. 

Source: http://news.softpedia.com/news/dns-root-servers-hit-by-ddos-attack- 
497363.shtml 

24. December 9, SecurityWeek - (International) Adobe patches 77 vulnerabilities in 
Flash Player. Adobe released new versions of its Flash Player for OS X, Windows, 
Linux, and Android systems, patching 77 critical vulnerabilities including buffer 
overflow, stack overflow, type confusion, integer overflow issues, use-after free 
vulnerabilities, three security bypass flaws, and other memory corruption issues that 
can lead to code execution. 

Source: http://www.securitvweek.com/adobe-patches-77-vulnerabilities-flash-plaver 
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25. December 9, SecurityWeek - (International) Microsoft patches Windows, Office 
flaws exploited in the wild. Microsoft released 12 security bulletins addressing 60 
flaws in several of its products including Windows, Internet Explorer, Edge, .NET, 
Office, and Skype for Business, among other products, addressing 2 zero-day flaws 
exploited in the wild that could allow attackers to run arbitrary code and gain control of 
the infected system if a victim logs on with administrative rights. 

Source: http://www.sccuritywcck.com/microsoft-patchcs-windows-officc-flaws- 
exploited-wild 

26. December 8, SecurityWeek - (International) Critical flaw found in AVG, McAfee, 
Kaspersky products. Researchers from enSilo discovered a serious vulnerability in 
AVG, McAfee, and Kaspersky security products that allows attackers to bypass 
Windows protection protocol and exploit vulnerabilities in third-party applications to 
compromise the underlying system in a multi-stage attack. AVG, McAfee, and 
Kaspersky patched the flaws in each of their systems. 

Source: http://www.securitvweek.com/critical-flaw-found-avg-mcafee-kaspersky- 
products 

27. December 8, SecurityWeek - (International) SAP security updates patch 19 new 
flaws. SAP released 26 patches for its software addressing 19 new vulnerabihties and 7 
updated patches including 4 cross-site scripting (XSS), 3 information disclosure flaws, 
4 missing authorization and authentication check issues, and 2 denial-of- service (DoS) 
vulnerabilities, among other patched issues. 

Source: http://www.securitvweek.com/sap-securitv-updates-patch-19-new-flaws 

28. December 8, Softpedia - (International) Security flaw fixed in Malwarebytes 
antivirus. Malwarebytes Corporation released a patch for its Windows antivirus 
software after a researcher from COSIG research & pentesting team discovered a 
security vulnerability that can be exploited when a malformed executable with an 
invalid integer(-l) in the “SizeOfRawData” in UPX section is deconstructed by the 
Malwarebytes antivirus, enabling a memory corruption flaw that can expose the 
infected system to an arbitrary code attack. Malwarebytes stated there was no evidence 
to suggest the exploit was used in the wild. 

Source: http://news.softpedia.com/news/securitv-flaw-fixed-in-malwarebytes-antivirus- 
497329-shtml 



Internet Alert Dashboard 



To report cyber infrastructure incidents or to request information, please contact US-CERT at soc@us-cert.gov or 
visit their Web site: http://www.us-ccrt.gov 

Information on IT information sharing and analysis can be found at the IT ISAC (Information Sharing and 
Analysis Center) Web site: http://www.it-isac.org 



Communications Sector 

Nothing to report 
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Commercial Facilities Sector 



29. December 9, KYTV 3 Springfield; South Bend Schurz Communication - (Missouri) 

Walmart shoppers get scare as shoplifter’s gun fires inside store. A Walmart store 
in Springfield, Missouri, was evacuated and closed December 8 after a shoplifter’s gun 
discharged inside the building while being confronted by store employees. Officials are 
investigating whether the shots were fired purposely or accidentally and police 
apprehended one suspect while another suspect fled on foot. 

Source: http://www.kv3.com/news/local/shot-fired-brings-maior-police-presence-to-s- 
campbell-walmart/2 1048998 36865804 

30. December 8, WITI 6 Milwaukee - (Wisconsin) Milwaukee Fire Department: two- 
alarm blaze at apartment building on north side is suspicious. A 2-alarm fire at a 
Milwaukee assisted living facility caused $200,000 in damages and displaced 14 people 
December 8. 

Source: http://fox6now.com/2015/12/Q8/developing-milwaukee-firefighters-battle-two- 
alarm-blaze-at-apartment-building/ 

31. December 8, KTRK 13 Houston - (Texas) Families left homeless before Christmas 
after massive fire near Galleria. Houston firefighters reported that about 70 people 
were displaced from Buildings 18 and 19 at the Palms of Westheimer December 8 
following a 4-alarm fire that caused extensive damage to the building. One firefighter 
sustained minor injuries for smoke inhalation and the cause of the fire is under 
investigation. 

Source: http://abcl3.com/news/massive-fire-burns-at-galleria-area- 
apartments/1 114553/ 

32. December 8, KNSD 39 San Diego - (National) Security breach at restaurant chain 
Elephant Bar may affect customers’ cards across 7 states. Dallas-based CM Ebar, 
LLC reported December 8 that payment processing systems for its Elephant Bar 
restaurants were compromised and may have exposed an unknown amount of 
customers’ names and payment card information across seven States after a forensic 
investigation revealed that individuals installed malicious software onto payment 
systems. Customers who used their debit or credit cards from August 12 - December 4 
were affected. 

Source: http://www.nbcsandiego.com/news/local/Security-Breach-at-Restaurant-Chain- 
Elephant-Bar-May-Affect-Customers-Cards-Across-7-States-36 1080981.html 

33. December 8, MassLive.com - (Massachusetts) Worcester store conducted more than 
22,500 questionable food stamp transactions in $3.6 million SNAP theft. A 

convenience store owner was charged December 8 for 1 count of conspiracy to commit 
Supplemental Nutritional Assistance Program (SNAP) benefits fraud and 1 count of 
money laundering and SNAP fraud following allegations that the woman conducted 
more than 22,500 transactions of $100 or more within a 4-year span at her J&W Aseda 
Plaza store in Massachusetts. The woman stole $3.6 million from the Federal 
government and paid individuals 50 cents for every SNAP dollar. 



- 8 - 



Source: 

http://www.masslive.com/news/worcester/index.ssf/2015/12/vida causeys Worcester s 
tore c.html 



Dams Sector 



Nothing to report 
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About the reports - The DHS Daily Open Source Infrastructure Report is a daily [Monday 
through Friday] summary of open-source published information concerning significant critical 
infrastructure issues. The DHS Daily Open Source Infrastructure Report is archived for 10 days on 
the Department of Homeland Security Web site: http://www.dhs.gov/IPDailyReport 

Contact Information 
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Daily Report Team at (703) 942-8590 

Subscribe to the Distribution List: Visit the DHS Daily Open Source Infrastructure Report and follow 
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Contact DHS 

To report physical infrastructure incidents or to request information, please contact the National Infrastructure 
Coordinating Center at nicc@hq.dhs.gov or (202) 282-9201. 

To report cyber infrastructure incidents or to request information, please contact US-CERT at soc@us-cert.gov or visit 
their Web page at www.us-cert.gov . 

Department of Homeland Security Disclaimer 

The DHS Daily Open Source Infrastructure Report is a non-commercial publication intended to educate and inform 
personnel engaged in infrastructure protection. Further reproduction or redistribution is subject to original copyright 
restrictions. DHS provides no warranty of ownership of the copyright, or accuracy with respect to the original source 
material. 
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